0      0

SL2207 - How Should We Deal with Users Causing Cyber Breaches?

‐ Apr 7, 2022 12:20pm

People make mistakes. We can train them, we can write policies and procedures, we can run phishing tests, … and we still won’t have wiped out all the person-induced cyber risk from our organisations, because eventually someone will do something they shouldn’t.

So how should we act when this happens? Accept that we can’t stop all attacks all the time, and brush it off as “one of those things”? Go zero-tolerance on cyber error and call it gross misconduct by default? Can we, for that matter, even have a set policy on how we deal with someone doing something wrong?

Learning Objective:

  • To show, by way of real-world examples, the benefits of working with users who make mistakes rather than using policies as blunt instruments and punishing by default.


You must be logged in and own this session in order to post comments.